The increasing use of malicious computer codes to infect computers severely disrupts the vital operations of U.S. businesses large and small. A particularly disruptive strain of malicious codes encrypts user files unwittingly then requires payment of ransom fees to unlock files stored on network servers. Businesses either pay up or risk losing access to the files forever. Being denied immediate access to critical information, such as patient data in a medical care environment, can cause serious harm to both the organization and to the customer-patient. Likewise, industrial network operations running hazardous equipment puts employees and customers alike at risk of harm.
Companies store all manner of critical and proprietary business information on computer networks and rely on ready access in daily operations. When a company is denied access by malicious attack the operations of the business grind to a halt. Computer viruses that attack and encrypt computer storage necessarily have full access to the information stored thereon, including the private information of its employees and customers. Breaches of computer networks thus expose the company to liability for the loss of personally identifying information. Civil liability and new regulatory requirements for safeguarding private information puts a legal and reputational strain on the businesses.
Cloud computing, the storage of information in third-party networks via the Internet, offers no relief. Notorious breaches of cloud storage networks advertised as “secure” leave no storage means untouched by hackers, with dire and costly consequences to the company involved. Storage on local network servers offers some control over access by external hackers, but only so far as the storage in inaccessible to the internet. Storage on local networks offers little to no protection from internal hackers to local networks. Often, breaches of network security occur inadvertently by users failing to heed the warnings of network administrators to avoid opening emails and such on local computers. When such breaches occur, network administrators often rely on backup storage to recover lost files to previous versions of the files and to historical data settings according to daily, weekly, or monthly backup schedules. The loss of subsequent data and the exposure of the backup storage system itself to malicious code make this solution unpalatable.
The most secure computer storage system is one with no access to or from its host computer or network, which is, of course, of little utility in a networked information system. Some access must be provided and therefore exposure to some level of malicious code risk is inevitable. Efforts to limit the impact on data loss by sequestering ever more frequent backup storage, moving data offsite or offline, increases operational and capital costs to small and medium sized businesses who can least afford it.
Complicated prior art schemes and systems to safeguard backup storage systems or continuously monitor networked computer storage systems are expensive to staff and maintain, and prove unsatisfactory in practice. For example, international patent application publication WO 2014/111920 discloses a data storage system that switches power to a hard drive under the control of a processor using continuous monitoring of data transfers for suspect data patterns. Power to the hard drive is removed when a suspicious pattern is sensed in the data, but otherwise leaves the hard drive exposed at all times to the host computer, and requires that the sensors recognize ever-changing patterns of malicious software.
U.S. Pat. No. 7,346,790 discloses a method of cycling the power of a data storage system according to a schedule under the control of a host computer. However, the method creates no barrier to access by the host computer leaving the storage system exposed to malicious attacks on the host computer itself.
U.S. Pat. No. 8,015,420 discloses a data storage system providing remote control of the power supply to the storage enclosure. The enclosure includes a power supply module capable of remote wake-up by the host computer or network server. As such, the method creates no barrier to access by a virus infected remote system leaving the data storage system exposed to malicious attacks.